<?PHP
/*
*	File: 		includes/forum/post.class.php
*	Use:		post Class
*	Functions:	
*
*	Misc:		Class: users
*				Description: handles querys about users (logins, profile changes, etc)
*
*	Coder:		Andrew Thorne, UK
*	Copyright:	No part of this code may be used for any purpose other 
*				than the original intended purpose without prior written 
*				permission of Andrew Thorne. 
*				Use for any other purpose is expressly prohibited by law, 
*				and may result in civil and criminal penalties.
*
*	Contact:	omgrofl@hotmail.co.uk
*
*/
	

class post {

	
	/* 
	*
	* Function: getPost
	*
	*/
	public function getPost($db, $post_id, $deleted=NULL){
		if(isset($deleted)){
			if($deleted==1){
				$deteled= " AND a.post_deleted=1";
			} else {
				$deteled= " AND a.post_deleted=0";
			}
		} else {
			$deteled= " AND a.post_deleted=0";	
		}
		$prefix = $db->getPrefix();	

		if(is_numeric($_SESSION['groupid']) && ($_SESSION['groupid']=="" || !isset($_SESSION['groupid']))){
			$groupId=0;	
		} else {
			$groupId=$db->prep($_SESSION['groupid']);
		}
		
		return $db->query("SELECT * FROM ".$prefix."forum_post a INNER JOIN (".$prefix."forum_topic b INNER JOIN ".$prefix."forum_perms_board c ON b.board_id=c.board_id) ON a.topic_id=b.topic_id WHERE a.post_id=".$db->prep($post_id)." AND c.view=1 AND c.user_group_id=".$groupId.$deteled);

		
	}
	
	/* 
	*
	* Function: getAllPosts
	*
	*/
	public function getAllPosts($db, $topic_id){
		
		$prefix = $db->getPrefix();	

		if(is_numeric($_SESSION['groupid']) && ($_SESSION['groupid']=="" || !isset($_SESSION['groupid']))){
			$groupId=0;	
		} else {
			$groupId=$db->prep($_SESSION['groupid']);
		}
		
		$db->query("UPDATE ".$prefix."forum_topic SET topic_views=topic_views+1 WHERE topic_id=".$topic_id);
		return $db->query("SELECT * FROM ".$prefix."forum_post a INNER JOIN ((".$prefix."forum_topic b INNER JOIN ".$prefix."forum_board c ON b.board_id=c.board_id) INNER JOIN ".$prefix."forum_perms_cat d ON c.cat_id=d.cat_id) ON a.topic_id=b.topic_id WHERE a.topic_id=".$topic_id." AND d.view=1 AND d.user_group_id=".$groupId." ORDER BY post_time ASC");		
		
	}
	
	/* 
	*
	* Function: getUserPostInfo
	*
	*/
	public function getUserPostInfo($db, $user_id){
		$prefix = $db->getPrefix();	
		$sql = "SELECT a.*, b.colour, c.* FROM ".$prefix."users a INNER JOIN ".$prefix."user_groups b ON a.groupid=b.groupid INNER JOIN ".$prefix."user_ranks c ON a.rankid=c.rankid WHERE a.userid=".$user_id;
		$query = $db->query($sql);
		return 	$query;	
	}
	
	/* 
	*
	* Function: getBread
	*
	*/
	public function getBread($db, $topic_id){
		$prefix = $db->getPrefix();	

		if(is_numeric($_SESSION['groupid']) && ($_SESSION['groupid']=="" || !isset($_SESSION['groupid']))){
			$groupId=0;	
		} else {
			$groupId=$db->prep($_SESSION['groupid']);
		}
		
		if(is_numeric($topic_id)){
			$sql = "SELECT * FROM (((".$prefix."forum_topic a INNER JOIN ".$prefix."forum_board b ON a.board_id=b.board_id) INNER JOIN ".$prefix."forum_category c ON b.cat_id=c.cat_id) INNER JOIN ".$prefix."forum_perms_board d ON b.board_id=d.board_id) INNER JOIN ".$prefix."forum_perms_cat e ON c.cat_id=e.cat_id WHERE e.view=1 AND e.user_group_id=".$groupId." AND d.view=1 AND d.user_group_id=".$groupId." AND a.topic_id=".$topic_id;
			$result = $db->query($sql);	
			if(mysql_num_rows($result)==1){
				while($row = mysql_fetch_object($result)){
					$bread['cat_id'] = $row->cat_id;
					$bread['boa_id'] = $row->board_id;
					$bread['top_id'] = $row->topic_id;
					$bread['cat_name'] = $row->cat_name;
					$bread['boa_name'] = $row->board_name;
					$bread['top_name'] = $row->topic_name;
					return $bread;
				}
			} else {
				return false;	
			}
		} else {
			return false;	
		}
	}
	
	/* 
	*
	* Function: parsePost
	*
	*/
	public function parsePost($db, $text){
		
		$prefix = $db->getPrefix();	
		$bbcodeResult = $db->query("SELECT * FROM ".$prefix."bbcode");
		$text = str_replace("<", "&lt;", $text);
		$text = str_replace("\"", "'", $text);
		$text = str_replace(">", "&gt;", $text);
		$text = str_replace("&nbsp;", " ", $text);
		$text = str_replace("\n", "<br />", $text);
		while($bbcodeRow = mysql_fetch_object($bbcodeResult)){
			$regText = str_replace("{TEXT}", "(.*?)", $bbcodeRow->regex_tags);
			$regText = str_replace("[", "\[", $regText);
			$regText = str_replace("]", "\]", $regText);
			$regText = str_replace("/", "\/", $regText);
			$regText = str_replace("=", "\=", $regText);
			
			$counter=1;
			$repText = $bbcodeRow->regex_html;
			$noToRep = preg_match_all('/\{TEXT\}/', $bbcodeRow->regex_html, $matches) / preg_match_all('/\{TEXT\}/', $bbcodeRow->regex_tags, $matches);
			while(preg_match_all('/\{TEXT\}/', $repText, $matches)>0){
				$repText = preg_replace("/\{TEXT\}/", "\\$".$counter, $repText, $noToRep);
				//$repText2 = str_replace("<", "&lt;", $repText);
				//$repText2 = str_replace(">", "&gt;", $repText2);
				$counter++;
			}
			//echo "<code>".$bbcodeRow->bbcode_name." = repT: ".$repText2."  |  regT: ".$regText."</code><br>";
			$text = preg_replace("/".$regText."/is", $repText, $text);
		}	
		$smileyResult = $db->query("SELECT * FROM ".$prefix."smilies");
		
		while($smileyRow = mysql_fetch_object($smileyResult)){
			$text = str_replace($smileyRow->smiley_tag, "<img name='smiley' class='smiley' title='".$smileyRow->smiley_name."' src='images/smilies/".$smileyRow->smiley_path."' width='15' height='15' alt=\"".$smileyRow->smiley_tag."\" />", $text);
		
		}		
		return $text;
	}
	
	/* 
	*
	* Function: postReply
	*
	*/
	public function postReply($db, $message, $title, $topic, $quoting=0){
		
		$prefix = $db->getPrefix();	
		
		if(!is_numeric($quoting)){
			$quoting = 0;
		}
		
		if(is_numeric($_SESSION['groupid']) && ($_SESSION['groupid']=="" || !isset($_SESSION['groupid']))){
			$groupId=0;	
		} else {
			$groupId=$db->prep($_SESSION['groupid']);
		}

		if(is_numeric($topic)){
			$sql = "SELECT * FROM ".$prefix."forum_topic a INNER JOIN ".$prefix."forum_perms_board b ON a.board_id=b.board_id WHERE a.topic_id=".$db->prep($topic)." AND b.reply=1 AND b.user_group_id=".$groupId;
			$result = $db->query($sql);
				
			if(mysql_num_rows($result)>0){
				
				$htmlMessage = $this->parsePost($db, $message);

				$title = $this->parsePost($db, $title);
				$postTime = time();
				$db->query("INSERT INTO ".$prefix."forum_post(topic_id, user_id, post_name, post_content_tags, post_content_html, post_time, post_edited, quoting) VALUES(".$db->prep($topic).",".$db->prep($_SESSION['uid']).",'".$db->prep($title)."','".$db->prep($message)."','".$db->prep($htmlMessage)."',".$db->prep($postTime).",0,".$quoting.")");
				$db->query("UPDATE ".$prefix."forum_topic SET topic_replies=topic_replies+1, topic_time=".$postTime." WHERE topic_id=".$db->prep($topic));
				return true;
			} else {
				return false;	
			}
		} else {
			return false;	
		}
	}


	/* 
	*
	* Function: deletePost
	*
	*/
	public function deletePost($db, $users, $postId){
		$prefix = $db->getPrefix();	
		$canDelete=false;
		if(is_numeric($postId) && is_numeric($_SESSION['uid'])){
			$sql = "SELECT user_id FROM ".$prefix."forum_post WHERE post_id=".$db->prep($postId)." AND user_id=".$_SESSION['uid'];
			$getPoster = $db->query($sql);
			if(mysql_num_rows($getPoster)==1){
				$canDelete = true;
			} else if($users->auth($db, 2)){
				$canDelete = true;
			} else {
				return false;
			}
			if($canDelete){
				$outcome = $db->query("UPDATE ".$prefix."forum_post SET post_deleted=1, post_deleted_by_id=".$db->prep($_SESSION['uid'])." WHERE post_id=".$db->prep($postId));
				if($outcome){
					return true;	
				} else {
					return false;
				}
			} else {
				return false;	
			}
		} else {
			return false;	
		}
	}
	
	/* 
	*
	* Function: undeletePost
	*
	*/
	public function undeletePost($db, $users, $postId){
		$prefix = $db->getPrefix();	
		$canDelete=false;
		if(is_numeric($postId) && is_numeric($_SESSION['uid'])){
			$getPoster = $db->query("SELECT user_id FROM ".$prefix."forum_post WHERE post_id=".$db->prep($postId)." AND user_id=".$_SESSION['uid']);
			if(mysql_num_rows($getPoster)==1){
				$canDelete = true;
			} else if($users->auth($db, 2)){
				$canDelete = true;
			} else {
				$canDelete = false;
			}
			if($canDelete){
				$outcome = $db->query("UPDATE ".$prefix."forum_post SET post_deleted=0, post_deleted_by_id=0 WHERE post_id=".$db->prep($postId));
				if($outcome){
					return true;	
				} else {
					
					return false;
				}
			} else {
				return false;	
			}
		} else {
			return false;	
		}
	}
	
	/* 
	*
	* Function: editPost
	*
	*/
	public function editPost($db, $message, $title, $postId){
		$prefix = $db->getPrefix();	
		$title = $this->parsePost($db, $title);
		$htmlMessage = $this->parsePost($db, $message);
		$postTime = time();
		if(is_numeric($postId) && is_numeric($_SESSION['uid'])){
			$outcome = $db->query("UPDATE ".$prefix."forum_post SET post_name='".$db->prep($title)."', post_content_tags='".$db->prep($message)."', post_content_html='".$db->prep($htmlMessage)."', post_edited=1, post_edited_by_id=".$db->prep($_SESSION['uid']).", post_edited_time=".$postTime." WHERE post_id=".$db->prep($postId));	
			if($outcome){
				return true;	
			} else {
				return false;
			}
		} else {
			return false;	
		}
	}

}
?>